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I. THE PATENT CLAIMS 

1 1 . (Currently amended) A method for auditing the security of a first enterprise including 

2 plural computers, where the term enterprise is defined to be a collection of computers, software, 

3 and networking that interconnects the computing environment of an organization of people who 

4 may be widely distributed geographically , comprising: 

5 collecting security information from the computers of the first enterprise under audit; 

6 analyzing the security information and providing a first result of this analysis; and 

7 comparing this first result with a second result comprising information derived from 



8 information previously obtained through application of the collecting and analyzing steps to one 

9 or more other enterprises that interconnect the computing environments of other different 

10 organizations of people who may also be widely distributed , these one or more other enterprises 

1 1 together forming a relevant peer group of other different organizations of people, the result of 

12 this comparing step indicating the relative security of the first enterprise under audit relative to 

13 that of the peer group of one or more other enterprises; 



14 where a peer group is defined to be a group of one or more enterprises assigned to the 

15 same business category as the first enterprise, enterprises involved in the same (or a similar) 

16 industry or business as the first enterprise, enterprises having computers configured similarly to 

17 the first enterprise's computers, or enterprises required to comply with the same security 

1 8 standards as the first enterprise, or a combination of these. 
1 2-3. (Cancelled) 

1 4. (Original) The method of claim 1, further comprising the step of generating at least 

2 one report that presents the first and second results arranged in a way that facilitates their 

3 comparison. 

1 5. (Original) The method of claim 4 wherein the generating step includes presenting the 

2 first and second results each broken down into several results relating to several different areas 

3 of security, with a first and a second result presented for each different area of security and 

4 arranged in a way that facilitates their comparison. 
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1 6. (Original) The method of claim 5 wherein, in the generating step, the results relating 

2 to several different areas of security comprise results arising from analysis of personnel security 

3 information and physical security information, at least some of the information included in the 

4 first result having been gathered using interviews during the collecting step. 

1 7. (Original) The method of claim 5 wherein, in the generating step, the results relating 

2 to several different areas of security comprise results arising from analysis of password security 

3 information and file access permission security information. 

1 8. (Original) The method of claim 7 wherein, in the generating step, the results relating 

2 to several different areas of security further comprise results arising from analysis of personnel 

3 security information and physical security information, at least some of the information included 

4 in the first result having been gathered using interviews during the collecting step. 

1 9. (Previously presented) The method of claim 5 wherein, in the generating step, the 

2 several different areas of security comprise one or more results of analysis of computer 

3 configuration security information and one or more results of analysis of security information 

4 gathered using interviews. 

1 10. (Previously presented) The method of claim 9 wherein, in the generating step, the 

2 one or more results of analysis of computer configuration security information comprise results 

3 arising from analysis of password security information. 

1 11. (Previously presented) The method of claim 9 wherein, in the generating step, the 

2 one or more results of analysis of computer configuration security information comprises results 

3 arising from analysis of file access permission security information. 

1 12. (Original) The method of claim 4, wherein the generating step generates at least two 

2 comparative reports in different formats for different requesting parties or uses, and in particular 

3 one for technical experts that includes technical language and details and another for non- 

4 technical-experts that substantially excludes technical language and details. 

1 13. (Previously presented) The method of claim 1, to which is added: 
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2 generating and executing commands to alter the security information of one or more 

3 computers to improve system security in at least some cases when the analysis or comparison or 

4 both indicate security is in need of improvement. 

1 14. (Original) The method of claim 13, further comprising; 

2 generating at least one report that presents the first and second results arranged in a way 

3 that facilitates their comparison. 

1 15. (Original) The method of claim 13 wherein the generating commands step generates 

2 commands which force the deactivation or correction of one or more passwords when the 

3 analysis or comparison or both indicate that these one or more passwords are not sufficiently 

4 secure. 

1 16. (Original) The method of claim 13 wherein the generating commands step generates 

2 commands which force alteration of one or more configuration file or control file access 

3 permissions if the analysis or comparison or both indicate that the access permissions assigned to 

4 these one or more files do not provide adequate system security. 

1 17. (Currently amended) A system for auditing the security of a first enterprise, where 

2 the term enterprise is defined to be a collection of computers, software, and networking that 

3 interconnects the computing environment of an organization of people who may bo widely 

4 distributed geographically , comprising: 

5 a plurality of computers within the first enterprise under audit; 

6 collectors associated with the computers and arranged to collect from the computers 

7 information concerning the security of the first enterprise under audit; 

8 a security analyzer arranged to analyze the information concerning the security of the 

9 first enterprise under audit and to provide a first result of this analysis; 

10 a data base containing a second result comprising information derived from information 

1 1 previously obtained through application of the collectors and security analyzer to one or more 

12 other enterprises that interconnect the computing environments of other different organizations 

13 of people who may also bo widely distributed , these one or more other enterprises together 

14 forming a relevant peer group of other different organizations of people; and 
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15 a comparison mechanism arranged to compare the first and second results to determine 

16 the relative security of the first enterprise under audit in comparison to that of the one or more 

17 enterprises of other different organizations of people in the relevant peer group; 

1 8 where a peer group is defined to be a group of one or more enterprises assigned to the 

19 same business category as the first enterprise, enterprises involved in the same (or a similar) 

20 industry or business as the first enterprise, enterprises having computers configured similarly to 

21 the first enterprise's computers, or enterprises required to comply with the same security 

22 standards as the first enterprise, or a combination of these. 

1 18. (Original) A system in accordance with claim 17 to which is added: 

2 a report generator that generates at least one report which presents the first and second 

3 results arranged each broken down into several results relating to several different areas of 

4 security, with a first and second result presented for each different area of security and arranged 

5 in a way that facilitates their comparison. 

1 19. (Previously presented) A system in accordance with claim 17 to which is added: 

2 change agents associated with the computers and able to execute commands that alter 

3 computer configuration information; and 

4 a command generator that provides commands to the change agents on selected 

5 computers to alter computer configuration information to improve system security in response to 

6 the analyzer or comparison mechanism or both determining security improvements are needed. 

1 20. (Original) A system in accordance with claim 19 wherein the command generator 

2 includes a mechanism that can generate commands which, when executed, cause one or more of 

3 the change agents to force the deactivation or correction of one or more secure passwords if the 

4 security analyzer or comparison mechanism or both determine that one or more passwords are 

5 not sufficiently secure. 

1 21. (Previously presented) A system in accordance with claim 1 9 wherein the command 

2 generator includes a mechanism that can generate commands which, when executed, cause one 

3 or more of the change agents to force the alteration of the access permissions of one or more 

4 configuration files or control files if the security analyzer or comparison mechanism or both 
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5 determine that the access permissions assigned to one or more such files do not provide 

6 sufficient security. 

1 22. (Currently amended) A system for auditing the security of a first enterprise, where 

2 the term enterprise is defined to be a collection of computers, software, and networking that 

3 interconnects the computing environment of an organization of people who may bo widely 

4 distributed geographically , comprising: 

5 a plurality of computers within the first enterprise under audit; 

6 collector means associated with the computers for collecting information from the 

7 computers concerning the security of the first enterprise under audit; 

8 security analyzer means for analyzing the information concerning the security of the first 

9 enterprise under audit and for providing a first result of this analysis; 

10 data base means for storing and for presenting a second result comprising information 

1 1 derived from information previously obtained through application of the collector means and 

12 security analyzer means to one or more other enterprises that interconnect the computing 

1 3 environments of other different organizations of people who may also bo widely distributed , 

14 these one or more other enterprises together forming relevant peer group of other different 

15 organizations of people; and 

16 comparison means for comparing the first and second results to determine the relative 

17 security of the first enterprise under audit in comparison to that of the one or more enterprises of 

1 8 other different organizations of people in the relevant peer group; 

19 where a peer group is defined to be a group of one or more enterprises assigned to the 

20 same business category as the first enterprise, enterprises involved in the same (or a similar) 

21 industry or business as the first enterprise, enterprises having computers configured similarly to 

22 the first enterprise's computers, or enterprises required to comply with the same security 

23 standards as the first enterprise, or a combination of these. 

1 23. (Previously presented) A system in accordance with claim 22 to which is added 

2 report generation means for generating at least one report which presents the first and 

3 second results each broken down into several results relating to several different areas of 
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4 security, with a first and second result presented for each different area of security and arranged 

5 in a way that facilitates their comparison. 

1 24. (Previously presented) A system in accordance with claim 22 to which is added 

2 change agent means associated with the computers for executing commands that alter 

3 computer configuration information; and 

4 command generator means for providing commands to the change agent means on 

5 selected computers as needed to alter system configuration information to improve system 

6 security in response to the security analyzer means or the comparison means or both determining 

7 that security improvements are needed. 
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